General

  • Target

    9371f17eecb504172e85f4cfb6656b0b406276db4321ce59d05f3442e1505b7e

  • Size

    379KB

  • Sample

    231011-p87qrsha21

  • MD5

    82320cce4237ee3908bdfc9af6f1e9ce

  • SHA1

    6af4625450ebae17d87e5d05c5671bf0649f3c49

  • SHA256

    9371f17eecb504172e85f4cfb6656b0b406276db4321ce59d05f3442e1505b7e

  • SHA512

    6983d57e1b52f70e7eaf3175c5a43d50028deefe9dddde25b4f063fa5fc87b80a40a188c189aefa17e2b4688c6593df5c06f5f33249a22f9397ac270c2c87dea

  • SSDEEP

    6144:Ol4cRgs3r9vIum2Tg0N63KAOU7/rdu1rJAZuER2WfwTtg3F:OlvRP3r9HmeqbreJiuEFwTC3F

Score
10/10

Malware Config

Extracted

Family

mystic

C2

http://5.42.92.211/loghub/master

Targets

    Score
    10/10
    • Detect Mystic stealer payload

    • Mystic

      Mystic is an infostealer written in C++.

    • Suspicious use of SetThreadContext
